CVSS: 9.0EPSS: 0%CPEs: 3EXPL: 0CVE-2022-40756
https://notcve.org/view.php?id=CVE-2022-40756
30 Sep 2022 — If folder security is misconfigured for Actian Zen PSQL BEFORE Patch Update 1 for Zen 15 SP1 (v15.11.005), Patch Update 4 for Zen 15 (v15.01.017), or Patch Update 5 for Zen 14 SP2 (v14.21.022), it can allow an attacker (with file read/write access) to remove specific security files in order to reset the master password and gain access to the database. Si la seguridad de la carpeta está configurada inapropiadamente para Actian Zen PSQL versiones ANTERIORES a la actualización del Parche 1 para Zen 15 SP1 (v15... • https://actian.my.salesforce.com/sfc/p/#300000001XnW/a/4y000000LhjZ/s7Hk0dFM1Z9nLuAPa50rMaZie7mqCR5u33NZFbdKT7Q •
CVSS: 9.8EPSS: 3%CPEs: 2EXPL: 1CVE-2017-11757
https://notcve.org/view.php?id=CVE-2017-11757
31 Jul 2017 — Heap-based buffer overflow in Actian Pervasive PSQL v12.10 and Zen v13 allows remote attackers to execute arbitrary code via crafted traffic to TCP port 1583. The overflow occurs after Server-Client encryption-key exchange. The issue results from an integer underflow that leads to a zero-byte allocation. The _srvLnaConnectMP1 function is affected. El desbordamiento de búfer en la región heap de la memoria en Actian Pervasive PSQL versión 12.10 y Zen versión 13 permite a los atacantes remotos ejecutar código... • http://supportservices.actian.com/support-services/security-center#announcements • CWE-191: Integer Underflow (Wrap or Wraparound) •
CVSS: 8.8EPSS: 0%CPEs: 3EXPL: 0CVE-2015-3993
https://notcve.org/view.php?id=CVE-2015-3993
13 Jun 2015 — Actian Matrix 5.1.x through 5.1.2.4 and 5.2.x through 5.2.0.1 allows remote authenticated users to bypass intended write-access restrictions and execute an UPDATE statement by referencing a table. Actian Matrix 5.1.x hasta 5.1.2.4 y 5.2.x hasta 5.2.0.1 permite a usuarios remotos autenticados evadir las restricciones de acceso de escritura y ejecutar una declaración UPDATE mediante la referencia a una tabla. • http://supportservices.actian.com/images/pdf/Actian-SecAlert_May_2015_NO2_final.doc • CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') •
CVSS: 7.8EPSS: 0%CPEs: 5EXPL: 0CVE-2008-3357
https://notcve.org/view.php?id=CVE-2008-3357
05 Aug 2008 — Untrusted search path vulnerability in ingvalidpw in Ingres 2.6, Ingres 2006 release 1 (aka 9.0.4), and Ingres 2006 release 2 (aka 9.1.0) on Linux and HP-UX allows local users to gain privileges via a crafted shared library, related to a "pointer overwrite vulnerability." Vulnerabilidad de búsqueda de ruta no confiable en ingvalidpw en Ingres 2.6, Ingres 2006 versión 1 (alias 9.0.4), y Ingres 2006 versión 2 (alias 9.1.0) en Linux y HP-UX, que permite a los usuarios locales aumentar privilegios a través de u... • http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=733 • CWE-426: Untrusted Search Path •